It’s a fact that Android is one of the most vulnerable mobile operating systems and at the same time, people around the world widely use Samsung’s smartphones. Keeping both facts in mind; this combination makes Android devices a perfect and lucrative target for hackers and cyber criminals.
While Google is implementing security measures to tackle this threat, Samsung has launched a bug bounty program urging hackers and IT security researchers to find critical security flaws and vulnerabilities so the tech giant can fix them before malicious criminal elements get their hand on it.
In return, the company will pay between USD 200 and USD 200,000 for valid reports. An important thing to keep in mind about this bug bounty program is that Samsung will only facilitate reports demonstrating remote attacks, not the physical ones. Also, vulnerabilities found in the third-party application are not eligible for submission.
“Through this rewards program, we hope to build and maintain valuable relationships with researchers who coordinate disclosure of security issues with Samsung Mobile,” said Samsung.
The eligible devices according to the bug bounty manual include: “Galaxy S series (S8, S8+, S8 Active, S7, S7 edge, S7 Active, S6 edge+, S6, S6 edge, S6 Active), Galaxy Note series (Note 8, Note FE, Note 5, Note 4, Note Edge), Galaxy A series (A3 (2016), A3 (2017), A5 (2016), A5 (2017), A7 (2017)), Galaxy J series (J1 (2016), J1 Mini, J1 Mini Prime, J1 Ace, J2 (2016), J3 (2016), J3 (2017), J3 Pro, J3 Pop, J5 (2016), J5 (2017), J7 (2016), J7 (2017), J7 Max, J7 Neo, J7 Pop) and Galaxy Tab series (Tab S2 L Refresh, Tab S3 9.7).”
“We take security and privacy issues very seriously; and as an appreciation for helping Samsung Mobile improve the security of our products and minimizing risk to our end-consumers, we are offering a rewards program for eligible security vulnerability reports,” explained Samsung.
For more information on “Reward Program” and “Security Reporting” follow these two links 1 & 2.